OAuth 2.0 to authenticate from Office App & prevent login window to open as popup RRS feed

  • Question

  • Hi,

    I am developing an Office App/Addin where users are authenticated from Azure AD by using OAuth 2.0. I am getting authorization code from or via JavaScript.

    The problem is that when user enter username and password on Microsoft Azure Login Page and click on "Sign in", it opens login page outside Word App. I want that all login process should remain inside Word App. The following is the JavaScript code & images

      var replyUrl = window.location;
      var resource = "";
      var authServer = '';
      var endpointUrl = getEndpointUrl();
      var responseType = 'id_token+token';

      var url = authServer +
        "response_type=" + encodeURI(responseType) + "&" +
        "client_id=" + encodeURI(clientId) + "&" +
        "scope=profile%20openid%20" +
        "response_mode=fragment&" +
        "state=aad_login&nonce=AW3a8&" +
        "redirect_uri=" + encodeURI(replyUrl);

         window.location = url;


    Aftab Ahmad

    Tuesday, July 19, 2016 7:55 PM


All replies

  • Hi Aftab Ahmad-,

    We are doing the research about your problem. There might be some delay about the response. Appreciate your patience.

    Thanks for your understanding.
    Thursday, July 21, 2016 5:32 AM
  • Hi,

    Ok. Thanks. I am waiting. Can you tell how much approximately time it can take?


    Aftab Ahmad

    Thursday, July 21, 2016 1:29 PM
  • Hi Aftab Ahmad,

    According to your description, as far as I know that Office runs a task pane add-in on the user's computer. Your add-in opens a pop-up window to start the authentication flow. Add-ins cannot start authentication flows directly because add-ins, depending on the platform used, may run in an IFRAME. For security reasons, OAuth sign-in pages can't be displayed in an IFRAME.

    For more information, click here to refer about Use the OAuth authorization framework in an Office Add-in

    So I suggest that you could submit any feedback to Office Dev UserVoice:

    Thanks for your understanding. 
    • Proposed as answer by David_JunFeng Tuesday, August 2, 2016 2:42 PM
    • Marked as answer by David_JunFeng Tuesday, August 2, 2016 2:42 PM
    Monday, July 25, 2016 9:03 AM
  • Hi David,

    Should we conclude that you cannot use OAuth in Office addins or in other words OAuth incompatible with Office Apps?


    Aftab Ahmad

    Tuesday, August 2, 2016 7:52 PM
  • I have solved now this from the link but if there is ADFS involved then it opens again in popup.


    Aftab Ahmad

    • Marked as answer by Aftab Ahmad- Saturday, August 13, 2016 9:03 PM
    Saturday, August 13, 2016 9:03 PM